Results 1 to 5 of 5

Thread: Google adsense banners...

Hybrid View

  1. #1
    Gray Haired Old Fart aeallison's Avatar
    Join Date
    Jul 2002
    Location
    Buffalo, Missouri USA
    Posts
    888

    Question Google adsense banners...

    Hi Everyone, its been a while since I have posted here, but I need you to help me settle an argument. Since I am fairly sure I am right, and it seems to me a no brainer, I am posting it here in the newbie forum.

    User: Everyone who visits the url **********MODERATOR EDIT: CLICK AT YOUR OWN RISK: www.ffxiah.com *********** is having a trojan/keylogger uploaded to their computer and allowing the "cracker" to steal their passwords and account information to their game accounts.

    Me: I find that a bit hard to swallow, can you prove this?

    User: Everyone I know has visited this site and who have had their accounts hacked all have the same program on it, a trojan that installs a keylogger.

    Me: and they did not click the google ad links.

    User no


    Is there a way for this to happen? Could he be right? Can one of our experts visit this site and find out if there is anything to what he is alleging. I understand this is a very serious accusation. I trust google's ads myself, like I said I find this hard to swallow.
    Last edited by Negative; December 12th, 2007 at 02:40 AM.
    I have a question; are you the bug, or the windshield?

  2. #2
    Senior Member t34b4g5's Avatar
    Join Date
    Sep 2003
    Location
    Australia.
    Posts
    2,391

    Post

    Firstly. Remove the URL. As a n00bie might click the link and infect there own computer.

    Secondly get the owner to check the logs to the site, It would seem that someone has gained Admin access to the server and has edited the DB and the index.php from what i can see.

    The attacker is using nice looking xss attack. {Cross site scripting}.

    The registered user logs in using the log in area, they enter there details into the infected area, thus the credentials are being sent to a remote server and the attacker gets the users login details and can do what they wish.

    Also get the Admin to check the Google ad codes with the code that he/she was given from Google Adsense.

    The attacker could also have modified the ad's to use a simple javascript to download a trojan or dropper if the xss did not work.

    Do the usual checking server logs for strange activity. Check file permissions, Also check and double check as you don't know if the attacker has changed/edited other files just incase the most noticable ones get removed.

    And if still in doubt, and are able to pin point where the strangeness started to happen then use a back up prior to that happening and fix the hole.
    Last edited by t34b4g5; December 12th, 2007 at 02:37 AM.

  3. #3
    Gray Haired Old Fart aeallison's Avatar
    Join Date
    Jul 2002
    Location
    Buffalo, Missouri USA
    Posts
    888
    Thanks for the edit Negative, I should have noted that one myself.

    t34b4g5, so there actually is a problem with this site? Thanks for the info I will send the sight admin a message.
    I have a question; are you the bug, or the windshield?

  4. #4
    Senior Member
    Join Date
    Dec 2001
    Posts
    884
    Quote Originally Posted by aeallison
    Thanks for the edit Negative, I should have noted that one myself.

    t34b4g5, so there actually is a problem with this site? Thanks for the info I will send the sight admin a message.
    It's exactly as t34b4g5 said... so, the user is correct. The site has been taken advantage of.

  5. #5
    Gray Haired Old Fart aeallison's Avatar
    Join Date
    Jul 2002
    Location
    Buffalo, Missouri USA
    Posts
    888
    Thanks jehnx, unfortunately the site doesn't give anyway to contact the administrator. I suppose I will have to dust off my white hat and attempt to contact him/her via domain info.
    I have a question; are you the bug, or the windshield?

Similar Threads

  1. Google vs eBay
    By Egaladeist in forum General Computer Discussions
    Replies: 1
    Last Post: October 28th, 2005, 04:49 AM
  2. Befriending Google
    By ch4r in forum Other Tutorials Forum
    Replies: 2
    Last Post: January 21st, 2005, 02:53 PM
  3. Google as a Hacking Tool
    By 3rr0r in forum The Security Tutorials Forum
    Replies: 26
    Last Post: December 1st, 2004, 06:31 AM
  4. Google is watching you...
    By MrLinus in forum Web Security
    Replies: 13
    Last Post: August 7th, 2004, 04:13 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •